In resource-constrained Internet-of-Things networks, the use of conventional message authentication codes (MACs) to provide message authentication and integrity is not possible due to the large size of the MAC output. A straightforward yet naive solution to this problem is to employ a truncated MAC which undesirably sacrifices cryptographic strength in exchange for reduced communication overhead. In this article, we address this problem by proposing a novel approach for message authentication called cumulative MAC (CuMAC), which consists of two distinctive procedures: 1) aggregation and 2) accumulation . In aggregation, a sender generates compact authentication tags from segments of multiple MACs by using a systematic encoding procedure. In accumulation, a receiver accumulates the cryptographic strength of the underlying MAC by collecting and verifying the authentication tags. Embodied with these two procedures, CuMAC enables the receiver to achieve an advantageous tradeoff between the cryptographic strength and the latency in the processing of the authentication tags. Furthermore, for some latency-sensitive messages where this tradeoff may be unacceptable, we propose a variant of CuMAC that we refer to as CuMAC with speculation (CuMAC/S). In addition to the aggregation and accumulation procedures, CuMAC/S enables the sender and receiver to employ a speculation procedure for predicting future message values and precomputing the corresponding MAC segments. For the messages which can be reliably speculated, CuMAC/S significantly reduces the MAC verification latency without compromising the cryptographic strength. We have carried out a comprehensive evaluation of CuMAC and CuMAC/S through simulation and a prototype implementation on a real car.

中文翻译：

---

资源受限物联网网络的累积消息认证代码

在资源受限的物联网网络中，由于 MAC 输出的尺寸很大，因此无法使用传统的消息认证代码 (MAC) 来提供消息认证和完整性。对此问题的一个简单而简单的解决方案是采用截断的 MAC，这会不合需要地牺牲加密强度以换取减少的通信开销。在本文中，我们通过提出一种称为累积 MAC (CuMAC) 的消息认证新方法来解决这个问题，该方法由两个不同的程序组成：1)聚合和 2) 积累。在聚合中，发送方通过使用系统的编码过程从多个 MAC 的段中生成紧凑的认证标签。在累积中，接收者通过收集和验证认证标签来累积底层 MAC 的密码强度。通过这两个过程，CuMAC 使接收器能够在加密强度和认证标签处理中的延迟之间实现有利的权衡。此外，对于一些延迟敏感的消息，这种折衷可能是不可接受的，我们提出了一种 CuMAC 的变体，我们将其称为带有推测的 CuMAC (CuMAC/S)。除了聚合和累积程序，CuMAC/S 使发送方和接收方能够采用推测程序来预测未来的消息值并预先计算相应的 MAC 段。对于可以可靠推测的消息，CuMAC/S 在不影响加密强度的情况下显着降低了 MAC 验证延迟。我们通过仿真和在真车上的原型实现，对CuMAC和CuMAC/S进行了综合评估。